From f58316db0ef1b25506c8cd6cc86b3071243a672a Mon Sep 17 00:00:00 2001 From: Jeff King Date: Mon, 8 Feb 2016 17:25:01 -0500 Subject: [PATCH] rerere: replace strcpy with xsnprintf This shouldn't overflow, as we are copying a sha1 hex into a 41-byte buffer. But it does not hurt to use a bound-checking function, which protects us and makes auditing for overflows easier. Signed-off-by: Jeff King Signed-off-by: Junio C Hamano --- rerere.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/rerere.c b/rerere.c index 9bef24f5b2..3d0fa8f551 100644 --- a/rerere.c +++ b/rerere.c @@ -50,7 +50,7 @@ static int has_rerere_resolution(const struct rerere_id *id) static struct rerere_id *new_rerere_id_hex(char *hex) { struct rerere_id *id = xmalloc(sizeof(*id)); - strcpy(id->hex, hex); + xsnprintf(id->hex, sizeof(id->hex), "%s", hex); return id; } @@ -900,7 +900,7 @@ int rerere_forget(struct pathspec *pathspec) static struct rerere_id *dirname_to_id(const char *name) { static struct rerere_id id; - strcpy(id.hex, name); + xsnprintf(id.hex, sizeof(id.hex), "%s", name); return &id; }